220 likes | 394 Views
PHP 3: Maintaining State. I450 Technology Seminar Copyright 2003, Matt Hottell. State. Pure HTML pages have no way to know what the user has done before. Scripting languages like PHP, JSP, and ASP allow web pages to have a “memory” of past interactions.
E N D
PHP 3: Maintaining State I450 Technology Seminar Copyright 2003, Matt Hottell
State • Pure HTML pages have no way to know what the user has done before. • Scripting languages like PHP, JSP, and ASP allow web pages to have a “memory” of past interactions. • This allows pages to be dynamically generated for different users.
Maintaining State Scripting languages utilize 5 ways to keep state information: • Client side: • Encoding data in URLs • Hidden variables • Cookies • Server side: • Database • Sessions
Client Side: Using URLs • Using GET, we can encode date directly into an anchor tag: <a href = “http://scythe.uits.indiana.edu/~mhottell/picgallery.php?pic=2”>Next</a> • Often, these anchors are generated by a script using current variable values.
Using URLs • Example: http://scythe.uits.indiana.edu/~mhottell/php_state/picgallery.php • Security problems…
Hidden Variables • Hidden variables can be used in much the same way as the data-encoded URLs • They are used to send extra data to a script when a form is submitted. <input type=“hidden” name=“pic” value=“one” />
Client Side: Cookies • Cookies are small text files that are stored on the client computer. • These files usually contain state information that is retrieved the next time the user requests a page. • Cookies have variable “life span” – they can be set to expire after a certain period of time
Cookies • PHP provides a simple function called setcookie() that allows cookies to be constructed and placed on the client machine. • By default, only 20 cookies from a particular web server are generally allowed on a client machine at once.
setcookie() setcookie() takes six arguments, of which all but the first is optional. /*example setcookie() call */ setcookie(‘name’, ’value’, expire, ‘path’, ‘domain’, secure)
setcookie arguments • Name • This is the name of the variable you are going to store on the machine • Value • This is the value of the variable you are storing • Expire • This is the exact time when the cookie should expire. • By default, this is when the browser is closed • time() + (60 * 60 * 24) = 1 day
setcookie arguments • Path • Allows for cookies to be read by only subdirectories of the web server. • By default, path is the entire web server • Domain • Limits cookies to a single domain on a web server • Secure • Integer value: 0 for nonsecure, 1 for HTTPS • 1 requires a secure connection already be established
Setting cookies • In PHP, you must use setcookie() before ANY other data is sent to the browser or an error will be triggered. • Therefore, the php tag containing your cookie setting has to occur directly after the shebang line on scythe. • Even one space will cause an error!
Reading cookies • Cookie data is read automatically by PHP and is available through the superglobal $_COOKIE array. /*get the cookie value for name */ $name=$_COOKIE[‘name’];
Deleting cookies • You can delete a cookie by calling setcookie() with a name and no arguments. /*delete the name cookie*/ setcookie(‘name’);
Cookie caveats • Some people turn off cookies. Therefore, applications that rely solely on cookies will not work for these people. • Cookies can be cleared. • Simple courtesy should be to save as little information on the client as possible.
Server Side: Sessions • Sessions are data that are stored in a file on the server. • Sessions usually only last until the browser window that called the script is closed.
Sessions • You can think of a session as a simple place to stash variable values you will want later on. • As long as the browser window is not closed, the variables will be accessible
Storing session variables • session_start() tells PHP that there may be a session in progress and to grab any session data that has been stored. • $_SESSION[‘username’] = $username; would store the value in $username into the session under the name ‘username’
Accessing session variables • As in cookies, we use a superglobal array. • In this case, the array is $_SESSION. /*get the value of the session variable named class*/ $class=$_SESSION[‘class’]; • We can also access session variables through $HTTP_SESSION_VARS
Server Side: Database • We have done a complete tech seminar on storing information in a database. See the PHP 2 tech seminar for more information.
Combination Strategies • Often, web applications will employ some combination of strategies to keep state information. • Doubleclick: • Stores tracking number in a cookie • Logs site visits in a database
Example page http://scythe.uits.indiana.edu/~mhottell/php_examples/